Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YCiGM6juI8pf1KvH-JjWC4Koabg.roa
File: YCiGM6juI8pf1KvH-JjWC4Koabg.roa (raw, json)
Hash identifier: AttwCXbo9i24GYqbLdFXfvS0eNI2BZvcVQ97Ko7HPmU=
Subject key identifier: 60:28:86:33:A8:EE:23:CA:5F:D4:AB:C7:F8:98:D6:0B:82:A8:69:B8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A6E5C1DB89936F6F1C06D39999299
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YCiGM6juI8pf1KvH-JjWC4Koabg.roa
Signing time: Tue 02 Jan 2024 12:33:47 +0000
ROA not before: Tue 02 Jan 2024 12:33:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 62.76.227.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.40.0/22 maxlen: 22
194.87.66.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jan 2024 11:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:6e:5c:1d:b8:99:36:f6:f1:c0:6d:39:99:92:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60288633a8ee23ca5fd4abc7f898d60b82a869b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6f:36:9a:a0:a5:92:4a:02:40:40:58:64:96:
49:eb:d5:c2:0e:ad:e5:54:da:6e:24:56:b9:1b:73:
ea:15:4a:f0:9a:dd:28:9a:96:51:44:e2:be:36:eb:
2d:59:55:4a:62:f4:fa:0d:18:e1:2a:db:0a:50:02:
af:83:21:e7:3e:72:ae:7d:a7:cc:0d:56:e7:dd:48:
25:a4:0d:be:a9:e4:0e:0e:ee:be:c2:77:42:ef:03:
4e:84:38:d1:e2:cb:93:98:6b:a8:1d:60:3b:92:56:
f2:cc:73:c7:80:4b:c4:71:ac:09:44:03:5e:27:70:
75:b6:37:8b:62:d8:c1:2f:af:50:c8:1c:ad:89:fb:
af:40:ef:16:a5:91:a6:7b:0b:bb:fd:9a:29:50:9e:
ae:70:15:6b:ca:17:59:eb:68:62:74:c0:6c:45:cb:
16:89:59:74:e3:02:c2:5a:61:5b:f2:cc:4e:3f:6c:
75:a9:44:d6:57:df:7c:27:37:23:a1:00:2c:7e:c8:
d9:a0:ea:85:13:c5:9c:e7:f5:4b:0f:d5:e0:7a:a8:
4e:88:d4:5d:ae:ac:ca:fa:80:db:b3:40:2d:5c:70:
6b:11:85:97:b7:5e:11:bf:e6:52:6d:76:1b:fe:5d:
c3:b1:6e:d2:04:f8:d7:ab:36:da:33:64:75:32:77:
4c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:28:86:33:A8:EE:23:CA:5F:D4:AB:C7:F8:98:D6:0B:82:A8:69:B8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YCiGM6juI8pf1KvH-JjWC4Koabg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
194.58.66.0/24
194.87.40.0/24
194.87.66.0/24
195.58.35.0/24
195.58.60.0/24
195.133.25.0/24
195.133.27.0/24
195.133.40.0/22
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
48:72:88:50:f3:4e:cc:24:f2:ac:c0:13:29:4c:06:a9:25:f1:
d3:c5:f5:d3:80:82:9f:c0:b8:9a:af:36:0d:c8:4b:ae:a8:aa:
45:06:86:02:8d:46:10:91:b4:56:32:60:dc:ea:9a:db:29:27:
9c:75:45:af:ab:9e:cd:d7:7d:0f:5d:34:e1:83:4b:44:fb:ef:
22:1a:c2:33:0c:a3:c1:63:33:80:e3:bf:f9:3e:0f:e8:91:33:
5d:ca:4c:e6:ed:e6:87:f6:82:77:9f:63:7d:20:c8:0f:90:93:
7e:22:89:6e:03:e9:14:15:d9:eb:98:9f:9b:ef:65:86:78:33:
8d:63:8b:62:c8:94:1d:5f:62:6c:5f:f3:b1:d9:9a:db:98:ec:
9b:07:ca:c6:f7:90:1d:75:fc:e9:06:3c:a9:75:e4:54:33:bb:
ee:7c:a8:02:99:69:61:4e:be:56:f3:6e:bc:10:74:03:4e:55:
42:66:66:5e:95:a0:e3:51:cd:42:ac:bc:1b:01:eb:c3:b7:b1:
84:10:a2:dc:88:02:57:5f:b5:dc:d8:34:9b:ad:e2:86:7b:a7:
e7:22:69:7d:0a:79:6f:b0:3d:17:7c:03:9c:42:24:09:92:b9:
2a:40:d5:a7:fd:cf:e5:db:83:c0:c6:bd:d4:23:b2:17:49:70:
8b:c8:9e:50
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzKKm5cHbiZNvbxwG05mZKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDI4ODYzM2E4ZWUyM2NhNWZkNGFiYzdmODk4ZDYwYjgyYTg2OWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq282mqClkkoCQEBYZJZJ69XCDq3l
VNpuJFa5G3PqFUrwmt0ompZRROK+NustWVVKYvT6DRjhKtsKUAKvgyHnPnKufafM
DVbn3UglpA2+qeQODu6+wndC7wNOhDjR4suTmGuoHWA7klbyzHPHgEvEcawJRANe
J3B1tjeLYtjBL69QyBytifuvQO8WpZGmewu7/ZopUJ6ucBVryhdZ62hidMBsRcsW
iVl04wLCWmFb8sxOP2x1qUTWV998JzcjoQAsfsjZoOqFE8Wc5/VLD9XgeqhOiNRd
rqzK+oDbs0AtXHBrEYWXt14Rv+ZSbXYb/l3DsW7SBPjXqzbaM2R1MndM3QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFGAohjOo7iPKX9Srx/iY1guCqGm4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWUNpR002anVJOHBmMUt2SC1KaldDNEtvYWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAPkzjAwQA
wjpCAwQAwlcoAwQAwldCAwQAwzojAwQAwzo8AwQAw4UZAwQAw4UbAwQCw4UoAwQA
1MD+MA0GCSqGSIb3DQEBCwUAA4IBAQBIcohQ807MJPKswBMpTAapJfHTxfXTgIKf
wLiarzYNyEuuqKpFBoYCjUYQkbRWMmDc6prbKSecdUWvq57N130PXTThg0tE++8i
GsIzDKPBYzOA47/5Pg/okTNdykzm7eaH9oJ3n2N9IMgPkJN+IoluA+kUFdnrmJ+b
72WGeDONY4tiyJQdX2JsX/Ox2ZrbmOybB8rG95AddfzpBjypdeRUM7vufKgCmWlh
Tr5W8268EHQDTlVCZmZelaDjUc1CrLwbAevDt7GEEKLciAJXX7Xc2DSbreKGe6fn
Iml9CnlvsD0XfAOcQiQJkrkqQNWn/c/l24PAxr3UI7IXSXCLyJ5Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:19 2024 by rpki-client on console-fra.rpki-client.org